
Authors: William R. Simpson and Coimbatore Chandersekaran

Affiliation: Institute for Defense Analyses, United States

Keyword(s): Threat Mitigation, Vulnerability, Penetration Testing, Flaw Remediation.

Related Ontology Subjects/Areas/Topics: Enterprise Information Systems ; Information Systems Analysis and Specification ; Requirements Analysis And Management

Abstract: A process for fielding vulnerability-free software in the enterprise is discussed. This process involves testing for known vulnerabilities, generic penetration testing, and threat-specific testing, coupled with a strong flaw remediation process. The testing may be done by the software developer or certified testing laboratories. The goal is to mitigate all known vulnerabilities and exploits, and to be responsive in mitigating new vulnerabilities and/or exploits as they are discovered. The analyses are reviewed when new or additional threats are reviewed and prioritized, with mitigation through the flaw remediation process, changes to the operational environment, or the addition of additional controls or products. This process is derived from the Common Criteria for Information Technology Security Evaluation, Common Evaluation Methodology, which covers both discovery and remediation. The process has been modified for the USAF enterprise.

CC BY-NC-ND 4.0

Paper citation in several formats:
Simpson, W. R. and Chandersekaran, C. (2014). Vulnerability and Remediation for a High-assurance Web-based Enterprise. In Proceedings of the 16th International Conference on Enterprise Information Systems - Volume 1: ICEIS; ISBN 978-989-758-028-4; ISSN 2184-4992, SciTePress, pages 119-128. DOI: 10.5220/0004760501190128

@conference{iceis14,
author={William R. Simpson and Coimbatore Chandersekaran},
title={Vulnerability and Remediation for a High-assurance Web-based Enterprise},
booktitle={Proceedings of the 16th International Conference on Enterprise Information Systems - Volume 1: ICEIS},
year={2014},
pages={119-128},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0004760501190128},
isbn={978-989-758-028-4},
issn={2184-4992},
}

TY - CONF

JO - Proceedings of the 16th International Conference on Enterprise Information Systems - Volume 1: ICEIS
TI - Vulnerability and Remediation for a High-assurance Web-based Enterprise
SN - 978-989-758-028-4
IS - 2184-4992
AU - Simpson, W. R.
AU - Chandersekaran, C.
PY - 2014
SP - 119
EP - 128
DO - 10.5220/0004760501190128
PB - SciTePress